I'm trying to hit my server's endpoint with a multipart/form-data request sent from Postman. I'm getting a 400 Bad Request and the cause is:
org.jvnet.mimepull.MIMEParsingException: Missing start boundary.
How can I set the start boundary and how do I know what it should be?
https://github.com/postmanlabs/postman-app-support/issues/191 Following that thread here seems that setting the request header to Content-Type multipart/form-data I'm overriding the value set by Postman.
There is no need to add a content-type header manually. You are
overriding the value set by Postman. Just select form-data in POST
request and send your request to see if it works.
Removing the header allowed me to hit my endpoint.
Overriding POSTMAN header values is the issue as mentioned by Anton above. Here is how your headers and request body should look like for standalone POSTMAN client:
As a work around try this:
spring:
jersey:
application-path: /rest # Path that serves as the base URI for the application. Overrides the value of "#ApplicationPath" if specified.
filter.order: 0 # Jersey filter chain order.
type: servlet # Can be either "servlet" or "filter".
init.*:
type servlet worked fine, where as filter is throwing the Start Boundary error.
Related
Simple restTemplate exchange used for a GET request.
Header information
HttpHeaders headers = new HttpHeaders();
headers.setAccept(Arrays.asList(MediaType.ALL));
headers.setContentType(MediaType.APPLICATION_JSON_UTF8);
headers.add("Authorization", ************);
URL:
/api/odata/GetAvailableObjects?fromTime=datetime'2018-02-02T12:00:00'&$format=json&toTime=datetime'2018-02-10T12:00:00'
I tried building this URL with either MessageFormat.format or URIBuilder.
The single quotes are the problem. So far I tried double-ing them, escaping them
or leaving them as they are.
I enabled some extra logging with :
logging.level.org.springframework.web.client.RestTemplate=DEBUG
This displays the URL.. if I copy that URL and paste it in POSTMAN, I receive results, from spring I receive 400 Bad request.
I suppose it might be some additional encoding to blame.
Any ideas?
The JWT had way to many scopes, the server API decided to throw a 400 without any message and the server logs were not available..
A flag in application.properties that sets the maximum header size.
In my Ruby on Rails application I tried to upload an image through the POSTMAN REST client in Base64 format. When I POST the image I am getting a 406 Not Acceptable Response. When I checked my database, the image was there and was successfully saved.
What is the reason for this error, is there anything I need to specify in my header?
My request:
URL --- http://localhost:3000/exercises.json
Header:
Content-Type - application/json
Raw data:
{
"exercise": {
"subbodypart_ids": [
"1",
"2"
],
"name": "Exercise14"
},
"image_file_name": "Pressurebar Above.jpg",
"image":"******base64 Format*******"
}
Your operation did not fail.
Your backend service is saying that the response type it is returning is not provided in the Accept HTTP header in your Client request.
Ref: http://en.wikipedia.org/wiki/List_of_HTTP_header_fields
Find out the response (content type) returned by Service.
Provide this (content type) in your request Accept header.
http://en.wikipedia.org/wiki/HTTP_status_code -> 406
406 Not Acceptable
The resource identified by the request is only capable of generating response entities which have content characteristics not
acceptable according to the accept headers sent in the request.
406 happens when the server cannot respond with the accept-header specified in the request.
In your case it seems application/json for the response may not be acceptable to the server.
You mentioned you're using Ruby on Rails as a backend. You didn't post the code for the relevant method, but my guess is that it looks something like this:
def create
post = Post.create params[:post]
respond_to do |format|
format.json { render :json => post }
end
end
Change it to:
def create
post = Post.create params[:post])
render :json => post
end
And it will solve your problem. It worked for me :)
"Sometimes" this can mean that the server had an internal error, and wanted to respond with an error message (ex: 500 with JSON payload) but since the request headers didn't say it accepted JSON, it returns a 406 instead. Go figure. (in this case: spring boot webapp).
In which case, your operation did fail. But the failure message was obscured by another.
You can also receive a 406 response when invalid cookies are stored or referenced in the browser - for example, when running a Rails server in Dev mode locally.
If you happened to run two different projects on the same port, the browser might reference a cookie from a different localhost session.
This has happened to me...tripped me up for a minute. Looking in browser > Developer Mode > Network showed it.
const request = require('request');
const headers = {
'Accept': '*/*',
'User-Agent': 'request',
};
const options = {
url: "https://example.com/users/6",
headers: headers
};
request.get(options, (error, response, body) => {
console.log(response.body);
});
Changing header to Accept: */* resolved my issue and make sure you don't have any other Accept Header
In my case, I added:
Content-Type: application/x-www-form-urlencoded
solved my problem completely.
If you are using 'request.js' you might use the following:
var options = {
url: 'localhost',
method: 'GET',
headers:{
Accept: '*/*'
}
}
request(options, function (error, response, body) {
...
})
In my case for a API in .NET-Core, the api is set to work with XML (by default is set to response with JSON), so I add this annotation in my Controller :
[Produces("application/xml")]
public class MyController : ControllerBase {...}
Thank you for putting me on the path !
It could also be due to a firewall blocking the request. In my case the request payload contained string properties - "like %abc%" and ampersand symbol "&" - which caused the firewall to think it is a security risk (eg. a sql injection attack) and it blocked the request. Note here the request does not actually go to the server but is returned at the firewall level itself.
In my case, there were no application server logs generated so I knew that the request did not actually reach the server and was blocked before that. The logs that helped me were Web application firewall (WAF) logs.
Here is my issue. I want to be able to receive a REST request at an url like
localhost:8080/API to some other address like example.app/API, however I want to add some extra fields to the existing REST request like uuid and user_id which are generated by some Java class or extracted from another Rest service.
So for example I get following request:
GET /API/myfunc HTTP/1.1
Host: www.example.com
And resend a request
GET /example.app/API?uuid=1231231231231&user_id=3 HTTP/1.1
Host: www.example.com
Now this is simple if its a GET request, but what if it's a POST request?
Is there a already made solution to this problem?
UrlRewriteFilter [1] might help you here.
Such a filter allows you to define advanced redirecting rules and gives you access to the request and response objects (e.g. you can use request.addParameter(...))
Check the <run> element and <class-rule> element sections from [2].
[1] https://stackoverflow.com/questions/tagged/tuckey-urlrewrite-filter
[2] http://cdn.rawgit.com/paultuckey/urlrewritefilter/master/src/doc/manual/4.0/index.html
even though i have appended my service response with following provided CORS Headers :
resp.setContentType("application/json");
resp.addHeader("Access-Control-Allow-Origin", "*");
resp.addHeader("Access-Control-Allow-Credentials", "true");
resp.addHeader("Access-Control-Allow-Methods", "GET,POST,OPTIONS");
resp.addHeader("Access-Control-Allow-Headers", "Origin,accept,content-type");
resp.flushBuffer();
i am still getting below error in the console while trying to access some of the POST web methods in the service through my AngularJS frontend.
XMLHttpRequest cannot load http://192.***.*.***:8080/abc/def/search/vehicleManufacturer. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://192.***.*.***:8085' is therefore not allowed access.
However within the same class, some POST methods without any payloads are responding perfectly. Any suggestions ?
EDIT--------->
Below is my AngularJS client screen code for calling the web method:-
getVehicleModel : function(searchData,$scope){
$http({
method:'POST',
url:'http://192.169.*.***:8085/abc/def/search/vehicleModel',
dataType:'jsonp',
data:searchData
}).
success(function(data){
console.log("vehicle model")
$scope.vehicleModel = data.Response;
});
},
I think the problem here is Preflighted Requests in CORS.
From the Mozilla docs,
Unlike simple requests (discussed above), "preflighted" requests first
send an HTTP request by the OPTIONS method to the resource on the
other domain, in order to determine whether the actual request is safe
to send. Cross-site requests are preflighted like this since they may
have implications to user data. In particular, a request is
preflighted if:
It uses methods other than GET, HEAD or POST. Also, if POST is used to send request data with a Content-Type other than
application/x-www-form-urlencoded,
multipart/form-data
text/plain
e.g. if the POST request sends an XML payload to the server using application/xml or text/xml, then the request is preflighted.
It sets custom headers in the request (e.g. the request uses a header such as X-PINGOTHER)
As explained above, even though you're making a simple POST request, the Content-Type in your request is application/json which is different from the 3 types mentioned above, so it's considered as a Preflight request and an OPTIONS request is fired before your actual POST request.
You can solve this by implementing doOptions in your servlet, just add the headers there and it will work :)
The preflight (OPTIONS) is occurring due to the fact that you are sending a cross-origin ajax request AND specifying an Authorization header with this GET request.
Also (this is not causing an issue) I would suggest removing the contentType option. This doesn't make sense in the context of a GET request. A GET request should not have any content. All data should be included in the query string or, possibly, headers.
The Authorization header will not be sent with the OPTIONS. You must acknowledge it server-side, and then the browser will send the underlying GET. Read more about CORS at https://developer.mozilla.org/en-US/docs/HTTP/Access_control_CORS .
I have a Spring and Jersey application and has that line:
return Response.ok().header("Content-Type", "application/xml; charset=UTF-8").entity(restTemplate.postForObject(baseURL, entity, String.class)).build();
However when I debug at server side I see that Content-Type header is just application/xml. Any ideas?
However when I debug at server side I see that Content-Type header is
just application/xml
I am getting this in my code and during debug I can see the header which is proper.
Please verify.
I don't know but Sorry if I went wrong.
You have to set a separate header with
.header("charset", "UTF-8")
Seems like Jersey is reading the header value only upto the semicolon.